Certificate
$ rpki-client -vvf rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/kPaA_KfJMP0f3FM2dTha6Q-0FnI.cer
File: kPaA_KfJMP0f3FM2dTha6Q-0FnI.cer (raw, json)
Hash identifier: LEIQRkUb0HLQtGGSWQtOnb9AIPOZkc5QnL1Zn698S3I=
Subject key identifier: 90:F6:80:FC:A7:C9:30:FD:1F:DC:53:36:75:38:5A:E9:0F:B4:16:72
Authority key identifier: 0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
Certificate issuer: /CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Certificate serial: 0262EF
Authority info access: rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
Manifest: rsync://rpki.apnic.net/member_repository/A91248C9/A055B5B26EED11EEBC1AAB53C4F9AE02/kPaA_KfJMP0f3FM2dTha6Q-0FnI.mft
caRepository: rsync://rpki.apnic.net/member_repository/A91248C9/A055B5B26EED11EEBC1AAB53C4F9AE02/
Notify URL: https://rrdp.apnic.net/notification.xml
Certificate not before: Wed 03 Sep 2025 04:28:51 +0000
Certificate not after: Tue 01 Dec 2026 00:00:00 +0000
Subordinate resources: AS: 9465
IP: 103.255.0.0/23
IP: 2401:26e0::/32
Validation: OK
Signature path: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Wed 24 Sep 2025 18:42:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 156399 (0x262ef)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A90DC5BE, serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Validity
Not Before: Sep 3 04:28:51 2025 GMT
Not After : Dec 1 00:00:00 2026 GMT
Subject: CN=A91248C9, serialNumber=90F680FCA7C930FD1FDC533675385AE90FB41672
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:00:50:1c:4e:32:ca:c5:31:91:e0:da:06:b5:
1c:53:ca:e4:87:45:48:1e:f5:42:14:f8:64:a2:a5:
56:59:6b:7f:17:69:18:84:80:86:5a:d3:db:44:fe:
4f:ef:40:d2:db:97:29:90:db:81:22:ea:5f:ac:4b:
3a:69:99:f7:f9:68:ba:4b:c3:79:01:ad:42:e9:b9:
78:14:a6:a5:15:7c:63:5f:6f:5d:38:9c:e3:5d:3f:
d1:1a:c8:16:06:77:9e:32:d3:9e:af:ec:ea:f1:d0:
a7:b5:57:9a:58:ea:16:51:67:09:85:c0:ed:f5:2d:
61:d8:65:ce:f8:cb:81:e7:f5:c5:60:fa:dd:d0:cd:
f8:d2:47:16:c6:6f:09:a1:8a:1b:4f:d8:c0:f1:37:
63:bc:49:dd:5f:8a:3e:7c:b3:57:a3:23:cc:8e:40:
8b:65:ae:4a:64:35:03:4e:61:3c:af:f2:41:f2:cd:
6a:2e:fe:25:2d:ab:f4:c4:03:bf:b3:de:52:2b:7b:
7c:7d:c9:12:60:ab:c8:32:cb:6a:8c:fe:a3:25:7d:
10:c9:e6:14:24:54:7e:1d:17:9d:04:6d:7a:c5:25:
b5:2b:fd:db:23:25:50:46:19:fa:45:06:bf:6c:9b:
e0:37:61:83:ab:ca:c9:35:66:b7:5d:aa:98:70:66:
80:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
90:F6:80:FC:A7:C9:30:FD:1F:DC:53:36:75:38:5A:E9:0F:B4:16:72
X509v3 Authority Key Identifier:
keyid:0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
CA Repository - URI:rsync://rpki.apnic.net/member_repository/A91248C9/A055B5B26EED11EEBC1AAB53C4F9AE02/
RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A91248C9/A055B5B26EED11EEBC1AAB53C4F9AE02/kPaA_KfJMP0f3FM2dTha6Q-0FnI.mft
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
9465
sbgp-ipAddrBlock: critical
IPv4:
103.255.0.0/23
IPv6:
2401:26e0::/32
Signature Algorithm: sha256WithRSAEncryption
91:e7:6f:02:4c:ad:db:00:17:86:7a:cd:a3:69:8e:ec:23:6d:
76:df:d5:5b:ab:db:80:77:e6:d4:7a:57:00:28:31:39:ec:87:
70:2e:93:b9:d3:23:18:7f:d2:02:71:a4:7f:70:ea:a9:c2:b3:
d4:83:83:89:d3:54:92:ca:2f:23:9b:55:a9:e3:a6:db:f7:82:
fe:bc:5a:c8:1a:c8:4a:ec:fb:b8:e2:ff:a5:98:e2:e8:af:61:
ca:d0:20:6e:b3:80:0c:fc:59:ce:03:53:6e:3a:1b:00:bd:34:
4a:ef:f4:3c:69:94:dd:0a:07:2f:4d:25:c1:3b:9c:7d:3c:80:
68:3b:72:3f:2f:cf:94:90:8c:17:12:ba:9b:c4:67:2b:4c:4f:
46:e2:86:75:bb:03:69:0f:56:88:0a:36:8a:94:de:a9:ca:e8:
ae:6d:7b:fe:9d:41:e6:07:52:79:91:5d:96:52:8d:83:55:43:
95:8d:b5:19:21:3f:e7:95:49:30:b4:0d:53:4f:c5:3d:f2:f8:
ea:97:6c:6a:27:ac:2a:00:bf:32:fe:53:d2:9e:c3:be:b8:ee:
7d:22:fd:04:e6:f9:07:93:80:3b:a3:e5:d2:c6:73:19:98:cd:
3b:b2:66:e2:ee:8c:a7:c5:14:a7:25:8f:44:a8:d7:22:de:22:
d1:b0:17:fa
-----BEGIN CERTIFICATE-----
MIIGKDCCBRCgAwIBAgIDAmLvMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MERDNUJFMTEwLwYDVQQFEygwRTY1QTRGNUZEMzZCNUJENjhFQjNDOTIzNDA4OTc4
QzkwN0FBNzlGMB4XDTI1MDkwMzA0Mjg1MVoXDTI2MTIwMTAwMDAwMFowRjERMA8G
A1UEAxMIQTkxMjQ4QzkxMTAvBgNVBAUTKDkwRjY4MEZDQTdDOTMwRkQxRkRDNTMz
Njc1Mzg1QUU5MEZCNDE2NzIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDCAFAcTjLKxTGR4NoGtRxTyuSHRUge9UIU+GSipVZZa38XaRiEgIZa09tE/k/v
QNLblymQ24Ei6l+sSzppmff5aLpLw3kBrULpuXgUpqUVfGNfb104nONdP9EayBYG
d54y056v7Orx0Ke1V5pY6hZRZwmFwO31LWHYZc74y4Hn9cVg+t3QzfjSRxbGbwmh
ihtP2MDxN2O8Sd1fij58s1ejI8yOQItlrkpkNQNOYTyv8kHyzWou/iUtq/TEA7+z
3lIre3x9yRJgq8gyy2qM/qMlfRDJ5hQkVH4dF50EbXrFJbUr/dsjJVBGGfpFBr9s
m+A3YYOrysk1ZrddqphwZoC/AgMBAAGjggMdMIIDGTAdBgNVHQ4EFgQUkPaA/KfJ
MP0f3FM2dTha6Q+0FnIwHwYDVR0jBBgwFoAUDmWk9f02tb1o6zySNAiXjJB6p58w
DgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wcwYDVR0fBGwwajBooGag
ZIZicnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2
NjExRTJCQjQ2OEY3QzcyRkQxRkYyL0RtV2s5ZjAydGIxbzZ6eVNOQWlYakpCNnA1
OC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvOTgwNjUyRTBCNzdFMTFFN0E5NkEzOTUyMUE0
RjRGQjQvRG1XazlmMDJ0YjFvNnp5U05BaVhqSkI2cDU4LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwggEoBggrBgEFBQcBCwSCARowggEWMF8GCCsGAQUF
BzAFhlNyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MTI0OEM5L0EwNTVCNUIyNkVFRDExRUVCQzFBQUI1M0M0RjlBRTAyLzB+BggrBgEF
BQcwCoZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9B
OTEyNDhDOS9BMDU1QjVCMjZFRUQxMUVFQkMxQUFCNTNDNEY5QUUwMi9rUGFBX0tm
Sk1QMGYzRk0yZFRoYTZRLTBGbkkubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3Jy
ZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwGQYIKwYBBQUHAQgBAf8ECjAI
oAYwBAICJPkwLgYIKwYBBQUHAQcBAf8EHzAdMAwEAgABMAYDBAFn/wAwDQQCAAIw
BwMFACQBJuAwDQYJKoZIhvcNAQELBQADggEBAJHnbwJMrdsAF4Z6zaNpjuwjbXbf
1Vur24B35tR6VwAoMTnsh3Auk7nTIxh/0gJxpH9w6qnCs9SDg4nTVJLKLyObVanj
ptv3gv68WsgayErs+7ji/6WY4uivYcrQIG6zgAz8Wc4DU246GwC9NErv9DxplN0K
By9NJcE7nH08gGg7cj8vz5SQjBcSupvEZytMT0bihnW7A2kPVogKNoqU3qnK6K5t
e/6dQeYHUnmRXZZSjYNVQ5WNtRkhP+eVSTC0DVNPxT3y+OqXbGonrCoAvzL+U9Ke
w7647n0i/QTm+QeTgDuj5dLGcxmYzTuyZuLujKfFFKclj0So1yLeItGwF/o=
-----END CERTIFICATE-----
Generated at Wed Sep 17 20:14:12 2025 by rpki-client